Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 1 subscriber
  • Views 4461 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Are Advanced Reverse Proxy Options Possible

m00dawg
I am trying to setup a reverse proxy for our phone system (ShoreTel). Not only is a reverse proxy required, but so is mod_rewrite. I see that the reverse-proxy HTTP configuration (/var/chroot-reverseproxy/usr/apache/conf) includes the mod_rewrite module, but is there a way to put in my own rewrites and/or virtual server definitions without having to do anything crazy (like 'chattr +i ...')?

The config I need to setup is something like this:

RewriteRule ^/theme/(.+)$ /director2/theme/$1 [P] RewriteRule ^/yui_2.7.0/(.+)$ /director2/yui_2.7.0/$1 [P] RewriteRule ^/js/(.+)$ /director2/js/$1 [P]
ProxyPass /authenticate/ http://10.0.0.1/ ProxyPassReverse /authenticate/ http://10.0.0.1/
ProxyPass /cas/ http://10.0.0.1:5447/ ProxyPassReverse /cas/ http://10.0.0.1:5447/
ProxyPass /director2/ http://10.0.0.1:5449/ ProxyPassReverse /director2/ http://10.0.0.1:5449/

Without this, the redirects the system uses end up trying to redirect back to the private IP and that's not going to work.

Thanks!

Tim


This thread was automatically locked due to age.
Parents
  • 0
    I'm wondering if it would be possible to leverage the URL Hardening Entry URL's feature to achieve blocking the sites that you don't want to be accessible.  I don't have the ability to test this with my current setup, but theoretically:  Can create a real web server entry pointing to an unused IP, create a firewall profile with URL Hardening and the two URLs you don't want as the entry points, then create the virtual web server utilizing that firewall profile and pointing to the nonexistent real web server.  IF (big If) it works, it could act as a blackhole mechanism for those URLs.  Or I could just be completely misunderstanding how this would work in WAF, since my utilization of WAF has been extremely limited.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Reply
  • 0
    I'm wondering if it would be possible to leverage the URL Hardening Entry URL's feature to achieve blocking the sites that you don't want to be accessible.  I don't have the ability to test this with my current setup, but theoretically:  Can create a real web server entry pointing to an unused IP, create a firewall profile with URL Hardening and the two URLs you don't want as the entry points, then create the virtual web server utilizing that firewall profile and pointing to the nonexistent real web server.  IF (big If) it works, it could act as a blackhole mechanism for those URLs.  Or I could just be completely misunderstanding how this would work in WAF, since my utilization of WAF has been extremely limited.
    __________________
    ACE v8/SCA v9.3

    ...still have a v5 install disk in a box somewhere.

    http://xkcd.com
    http://www.tedgoff.com/mb
    http://www.projectcartoon.com/cartoon/1
Children
No Data
Unfiltered HTML